Pay with

USD

Supports Visa, Mastercard, SEPA & more

Flexible trading, zero fees

Use your crypto for payments worldwide

Basic

Trade crypto freely

Magnify your profit with leverage

Convert & Auto-Invest

Trade any size with no fees and no slippage

Get exposure to leveraged positions simply

Pre-Market Trading

Trade new tokens before listing

Advanced

Trade on-chain with Gate Wallet

Smart access to new on-chain tokens

Smart strategies with automated trading

Follow expert trading strategies

CrossEx Trading

One margin balance, shared across platforms

Access hundreds of perpetual contracts

One platform for global traditional assets

Trade European-style vanilla options

Unified Account

Maximize your capital efficiency

Introduction to Futures Trading

Learn the basics of futures trading

Join events to earn rewards

Use virtual funds to practice risk-free trading

U.S. stock CFD derivatives

High leverage, 24/7 trading

Tokenized Stocks

Backed by real stock assets

Mint GUSD for Treasury RWA yields

Launch

Collect candies to earn airdrops

Quick staking, earn potential new tokens

Hold GT and get massive airdrops for free

Unlock full access to global stock IPOs

Trade on-chain assets and earn airdrops

Earn futures points and claim airdrop rewards

Investment

Earn interest with idle tokens

Auto-invest on a regular basis

Dual Investment

Profit from market volatility

Earn rewards with flexible staking

Pledge one crypto to borrow another

One-stop lending hub

Premium wealth growth plans

Private Wealth Management

Premium asset allocation

Top-tier quant strategies

Stake cryptos to earn in PoS products

No-liquidation leverage

Post, share, and explore crypto trends

Live crypto market analysis

Chat with crypto traders

What is happening in crypto

More

Promotions

Activity Center

Participate in activities to earn rewards

Invite friends to earn referral rewards

Affiliate Program

Earn exclusive commission rewards

Grow influence and earn airdrops

Real-time platform updates

Crypto industry articles

Huge fee discounts

Asset Management

One‑stop asset management solution

Enterprise digital asset solutions

Developers (API)

Connects to the Gate application ecosystem

OTC Bank Transfer

Deposit and withdraw fiat

Generous API rebate mechanisms

AI

Your all-in-one conversational AI partner

Use Gate AI directly in your social App

Gate Blue Lobster, ready to go

Gate for AI Agent

AI infrastructure, Gate MCP, Skills, and CLI

Gate Skills Hub

From office tasks to trading, the all-in-one skill hub makes AI even more useful.

Smartly choose from 40+ AI models, with 0% extra fees

Others

Find FAQs and help guides

Learn about crypto investing

Grow with the champions

Proof of Reserves

Gate promises 100% proof of reserves

Keep your assets secure

Aikido: Over 30 npm packages targeted in IronWorm supply chain attack, stealing cloud service and AI keys

WuSaidBlockchainW

2026-06-04 00:20:28

Abstract generation in progress

According to Aikido Security, the new "IronWorm" supply chain attack has affected over 30 npm packages from asteroiddao, with malicious Rust binaries executed during the pre-installation phase. The attack program can scan 86 environment variables and 20 types of credential files, targeting AWS, GCP, Vault, npm, as well as AI keys from Anthropic, OpenAI, and others, and attempting to attack Exodus Wallet. The malware also uses an eBPF rootkit to conceal itself, reconnects via Tor, and propagates using the npm Trusted Publishing OIDC mechanism, while forging commits from claude, dependabot, renovate, and others to cover up traces of the attack.

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

7 Likes

Reward
7
7
Repost
Share

Comment

Add a comment

Add a comment

TransparentDome

· 1h ago

Daring to touch Vault keys, enterprise-level secret management has become a mere formality.

View OriginalReply0

StakingDaydreamer

· 3h ago

eBPF rootkit + Tor back connection, this attack chain is more familiar to me than I am

View OriginalReply0

OnchainComplainer

· 3h ago

Can Trusted Publishing OIDC be forged? npm's trust mechanism has become a joke

View OriginalReply0

L2ArbitrageYoungster

· 3h ago

More than 30 packages mass-injected with malicious code, the name asteroiddao just sounds suspicious.

View OriginalReply0

GateUser-de2a15eb

· 3h ago

The npm supply chain has exploded again, and the pre-installation of Rust binaries is a sneaky move.

View OriginalReply0

MempoolSparrow

· 3h ago

Exodus wallet has also been targeted; crypto hoarders should quickly check their local environment.

View OriginalReply0

IceCreamUnderTheNeonLights

· 3h ago

Scan all 86 environment variables, my AWS keys are already trembling.

View OriginalReply0

Trending Topics
View More
#
ShareYourUSStocksWinNvidia
3.34M Popularity
#
GatePartnersWithAlpacaToBridgeCryptoAndStocks
4.19M Popularity
#
ETHPlunges5PercentBelow1800
116.85M Popularity
#
HYPEHitsAllTimeHigh
5.37M Popularity
#
WinGoldBarsWithGrowthPoints
1.29M Popularity

Pinned